Security News > 2023 > October

Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. "The attackers initially exploited a SQL...

To keep Gmail users' inboxes "Safer and more spam-free", Google is introducing new requirements for bulk senders. "Last year we started requiring that emails sent to a Gmail address must have some form of authentication. And we've seen the number of unauthenticated messages Gmail users receive plummet by 75%, which has helped declutter inboxes while blocking billions of malicious messages with higher precision," said Neil Kumaran, group product manager, Gmail Security & Trust.

The U.S. Federal Emergency Management Agency and the Federal Communications Commission will run an emergency alert test today to check Emergency Alert System and Wireless Emergency Alerts capabilities nationwide. On consumers' phones, WEA alert messages will read: "This is a test of the National Wireless Emergency Alert System. No action is needed."

In this Help Net Security video, we take you inside Cybertech Europe 2023 at La Nuvola Convention Center in Rome. The video features the following vendors: Accenture, Armis, Atlantica, Cisco,...

Amazon wants to make it more difficult for attackers to compromise Amazon Web Services root accounts, by requiring those account holders to enable multi-factor authentication. The root account holder is the first identity created when creating an AWS account and the most privileged user, as it has access to all AWS services and resources in the account.

A new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library's ld.so dynamic loader that, if successfully exploited, could lead to a local privilege...

3) The regulatory focus overlooks the potential for business leaders and privacy leaders to leverage privacy as both a market differentiator and a competitive edge. Why is this important? When business and privacy leaders focus on privacy as a compliance issue, they run the risk of not understanding the true impact their privacy activities have on the extended stakeholder community, including the broader economy, the environment and the society in which they operate.

In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fostering trust and safeguarding sensitive data. Many organizations overlook the critical role of security questionnaires in risk assessment.

In this Help Net Security video, Ivana Bartoletti, Global Privacy Officer at Wipro, discusses how organizations should deal with and deploy LLMs securely. Those who push the apocalypse scenario of monster machines taking over the world and destroying humans en masse aren't doing us any favors.

Businesses are taking cybersecurity more seriously by boosting resources and preparedness, according to GetApp. While there is still work to be done, increased investments and training are likely behind these impressive gains: the study shows that, since last year, phishing links clicked by workers decreased 25% while ransomware attacks dropped 30%. However, the report finds that only 34% of businesses are training staff on social engineering techniques.